California Bush Fires Spark Blackhat SEO Campaigns

The California bush fires that destroyed 50 homes and 10 commercial buildings and claimed the lives of two firefighters have become the focus of cybercriminals’ latest social engineering ploy.

Users looking for information about the fires in Auburn on the Web with search terms like “auburn fire map” are met by results that point to malware-ridden sites hosting rogue antivirus products such as:

http://california-fire-map.{BLOCKED}angocafe.com/

http://california-fires-map.{BLOCKED}angocafe.com/

http://california-fires-map.{BLOCKED}lifepromotion.com/

http://auburn-ca-fire-map.{BLOCKED}lifepromotion.com/

As if that is not alarming enough, Trend Micro Research Project Manager Ivan Macalintal also noted that there are other cybercriminal campaigns in different malicious domains delivering various malware such as one targeting Macs detected as OSX_JAHLAV.M.

This scam is the latest example of a profit-motivated attack that takes advantage of tragedies and natural disasters to distribute malware, reminiscent of Hurricane Katrina-inspired attacks.

As usual, users are advised to only rely on well-known news outlets for updates on the incident, as cybercriminals are never slow to leap on such an opportunity. And as this targets Mac users yet again, we cannot reiterate the fact that no OS is safe.